A database management system (DBMS) is a suite of programs which typically manage large structured sets of data, offering ad hoc query facilities to many users. A DBMS is an extremely complex set of software programs that controls the organization, storage and retrieval of data (fields, records and files) in a database, as well as controlling the security and integrity of the database and its data. The DBMS accepts requests for data from one or more application programs and instructs the operating system to transfer the appropriate data. With a DBMS, information systems can be modified much more easily as the organization's information requirements change. For example, new categories of data can be added to the database without disrupting the existing system.
A DBMS can employ a variety of data organizational techniques, including hierarchical, network, and relational structures, as well as inverted lists, and the DBMS's organization is not limited to only one approach. Hence, a DBMS can include navigational and/or relational (SQL) databases, as well as an Application Development System (ADS) which interfaces with user programs such as Cobol. Internet access can be provided to a DBMS using, for example, JDBC and ODBC standards. These systems can be run on a variety of operating systems, including z/OS, VSE and BS2000. Examples of DBMS applications include computerized library systems, flight reservation systems, computerized parts inventory systems, personnel systems, etc.
Security is a primary concern in any DBMS. Data security prevents unauthorized users from viewing or updating the database. Users are allowed access to the entire database or subsets of the database, called subschemas, typically using passwords. The DBMS can further maintain the integrity of the database by not allowing more than one user to update the same record at the same time and/or by preventing the entry of duplicate records, that is, records with identical data or identical key fields.
The various capabilities or resources, including a task, such as search, sort, compile, an activity, a program, a system program, sign on, and sign off, etc., contained in the DBMS must also be secured to maintain the integrity of the database. For example, in one well-known DBMS, security of these resources is controlled through a table load module that indicates what resources are secured, and, if a resource is secured, whether the security is provided internally or externally to the DBMS. Access to resources that are externally secured can be controlled by security systems such as ACF2, RACF or Top Secret.
Controlling resources through a single table load module enhances security by placing resource security information in one secure location. However, a table load module is difficult to customize, update or amend. Source code, corresponding to the load module, must also be separately maintained, so that additions, deletions, and/or changes to resources, such as changing sign-on security from internal to external, can be made and the source can be re-assembled into an updated load module. Securely maintaining this source code is problematic; even if the code is placed in a secure location, it can be overwritten or inadvertently lost. Thus there is a need for a method for determining and amending a resource's security information in a load module when a change or addition to the resources is desired.